Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Please Help, Cannot open Regedit (hijackthis log) [RESOLVED]

mattiscool

Posted 09 July 2005 - 03:51 PM

mattiscool

Member

Topic Starter

Member

74 posts

Currently its Iexplore.exe (Internet Explorer...) ( i know you know what that is)
but its going up and down, it goes from 95- 40- 22- 85- 64-99...anyways yeah. thats it. Still cant open Regedit from the "Start > Run" thing..same with CMD

Guse

Posted 09 July 2005 - 05:04 PM

1) A lot of the stuff is what Spybot cleaned out before. We can clear it off, but it's not really anything to worry about.

2) Most of the stuff is in the C:\Documents and Settings\Matthew\Complete folder. Most of the stuff in there are warez and movies... that's most likely the source of your problems. Warez and such are RIFE with bad, bad stuff.

Let me list off for you some symptoms of that virus:

Opens and locks the following files to prevent these programs from being started:

Guse

Posted 12 July 2005 - 11:55 AM

It probably doesn’t seem like it, Matt, but your Kaspersky log looked a LOT better. Wow. But, we still have some work to do:

First, download and run this Hotfix from Microsoft. You have a few Exploit.HTML.Iframe.FileDownload’s on your machine that can be patched with this to end the exploit.

Now, let’s boot into Safe Mode:Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Then, navigate to and delete the following folders:

C:\RECYCLER\ (<~~ just the contents, you can leave the folder)C:\Program Files\Common Files\ziik\ (<~~~ unless you know what Ziik is, I’d delete the entire folder)

Then, rerun the Cleanup! program that I had you download earlier.

Reboot into Normal Mode

Next, we need to reset your restore points again:

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

1. Turn off System Restore.On the Desktop, right-click My Computer.Click Properties.Click the System Restore tab.Check Turn off System Restore.Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.On the Desktop, right-click My Computer.Click Properties.Click the System Restore tab.UN-Check *Turn off System Restore*.Click Apply, and then click OK.

mattiscool

Posted 12 July 2005 - 03:49 PM

mattiscool

Member

Topic Starter

Member

74 posts

Hi, I couldnt install the hotfix thing. It said I dont have Internet Explorer 6, which I was on the site WITH Internet Explorer 6. Anyways, Couldnt Find alot of that stuff, but heres the scan from Kaspersky..ALSO..i went to C:\Recycler, but there was no files in the folder. But it says there is one in the scan.

Anyways, REgedit wont open. Ive notcied it, when I try and open it, a command prompt comes up and says "C:\Windows\system32\regedit.com .COM!thats what the virus does though. anyway. heres my hijack this log.